9470b25775df4ee753007e24036e69bc_JaffaCakes118 | Triage

Sharing

General

Target

9470b25775df4ee753007e24036e69bc_JaffaCakes118
Size

20KB
MD5

9470b25775df4ee753007e24036e69bc
SHA1

d692135f49ab2e44f2289f870a7b1e2c76c6a316
SHA256

8c00d23107c895eb6fad36e8d1f0d20454259b6997bcb2cd0d14ab470bc4a8a1
SHA512

6a188c85abd8d9bc50eb0449a1d9d082d17f56987f101d24abd2fcdd46d78181592991e154d44085a6e28e76e5fae2d309c633125ba0a75ccc1d8ff321f11c77
SSDEEP

384:4r+AHAr+Ll+d/pJgDArTq+EH55el5P/sOLf8vVYe/Ifa:U+AHNl+d7UArTLEZ5el5PZQvl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9470b25775df4ee753007e24036e69bc_JaffaCakes118

Files

9470b25775df4ee753007e24036e69bc_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7632b18a88b6df43ae18e3614ca026bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
lstrcatA
CreateThread

Exports

Exports

Load2Graphic
StartVideo

Sections

.text
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ